基于javaweb的水果蔬菜商城系统(java+ssm+jsp+mysql)
运行环境
Java≥8、MySQL≥5.7、Tomcat≥8
开发工具
eclipse/idea/myeclipse/sts等均可配置运行
适用
课程设计,大作业,毕业设计,项目练习,学习演示等
功能说明
基于javaweb+jsp的水果蔬菜商城系统(java+SSM+jsp+mysql)
项目描述:这是一个基于SSM框架开发的水果蔬菜商城系统。首先,这个项目页面简洁清爽,易于理解和学习。其次,这个项目功能丰富,具有一个在线水果蔬菜商城该有的所有功能,并且还涉及到沙箱支付宝支付等等技术亮点。
项目功能:此项目分为三个角色:客户、卖家和管理员。客户有登录注册、浏览商品信息、添加购物车、支付订单、收藏商品、评论商品等等功能。卖家有管理自己的商品、管理自己的订单、管理自己个人信息等等功能。管理员具有管理所有用户信息、管理所有商品信息、管理所有评论信息、管理商品种类信息、管理所有订单信息等等功能。
应用技术:Jsp + SSM + MySQL + 沙箱支付宝
运行环境:Eclipse/IntelliJ IDEA + MySQL5.7(项目压缩包中自带) + Tomcat7.0(项目压缩包中自带) + JDK1.8
用户管理控制器:
/**
用户管理控制器
@author yy
*/
@RequestMapping(“/admin/user”)
@Controller
public class UserController {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
/**
用户列表页面
@param model
@return
*/
@RequestMapping(value=“/list”,method=RequestMethod.GET)
public ModelAndView list(ModelAndView model){
Map<String, Object> queryMap = new HashMap<String, Object>();
model.addObject(“roleList”, roleService.findList(queryMap));
model.setViewName(“user/list”);
return model;
/**
获取用户列表
@param page
@param username
@param roleId
@param sex
@return
*/
@RequestMapping(value=“/list”,method=RequestMethod.POST)
@ResponseBody
public Map<String, Object> getList(Page page,
@RequestParam(name=“username”,required=false,defaultValue=“”) String username,
@RequestParam(name=“roleId”,required=false) Long roleId,
@RequestParam(name=“sex”,required=false) Integer sex,
HttpServletRequest request
){
Map<String, Object> ret = new HashMap<String, Object>();
Map<String, Object> queryMap = new HashMap<String, Object>();
Role role = (Role) request.getSession().getAttribute(“role”);
User user = (User) request.getSession().getAttribute(“admin”);
if(role.getId().equals(Long.valueOf(“2”))) {
//如果是卖家角色, 只能看到自己的个人信息
queryMap.put(“Id”, user.getId());
queryMap.put(“username”, username);
queryMap.put(“roleId”, roleId);
queryMap.put(“sex”, sex);
queryMap.put(“offset”, page.getOffset());
queryMap.put(“pageSize”, page.getRows());
ret.put(“rows”, userService.findList(queryMap));
ret.put(“total”, userService.getTotal(queryMap));
return ret;
/**
添加用户
@param user
@return
*/
@RequestMapping(value=“/add”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> add(User user){
Map<String, String> ret = new HashMap<String, String>();
if(user == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写正确的用户信息!”);
return ret;
if(StringUtils.isEmpty(user.getUsername())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写用户名!”);
return ret;
if(StringUtils.isEmpty(user.getPassword())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写密码!”);
return ret;
if(user.getRoleId() == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择所属角色!”);
return ret;
if(isExist(user.getUsername(), 0l)){
ret.put(“type”, “error”);
ret.put(“msg”, “该用户名已经存在,请重新输入!”);
return ret;
if(userService.add(user) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “用户添加失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “角色添加成功!”);
return ret;
/**
编辑用户
@param user
@return
*/
@RequestMapping(value=“/edit”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> edit(User user){
Map<String, String> ret = new HashMap<String, String>();
if(user == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写正确的用户信息!”);
return ret;
if(StringUtils.isEmpty(user.getUsername())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写用户名!”);
return ret;
// if(StringUtils.isEmpty(user.getPassword())){
// ret.put(“type”, “error”);
// ret.put(“msg”, “请填写密码!”);
// return ret;
// }
if(user.getRoleId() == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择所属角色!”);
return ret;
if(isExist(user.getUsername(), user.getId())){
ret.put(“type”, “error”);
ret.put(“msg”, “该用户名已经存在,请重新输入!”);
return ret;
if(userService.edit(user) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “用户添加失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “角色添加成功!”);
return ret;
/**
批量删除用户
@param ids
@return
*/
@RequestMapping(value=“/delete”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> delete(String ids){
Map<String, String> ret = new HashMap<String, String>();
if(StringUtils.isEmpty(ids)){
ret.put(“type”, “error”);
ret.put(“msg”, “选择要删除的数据!”);
return ret;
if(ids.contains(“,”)){
ids = ids.substring(0,ids.length()-1);
if(userService.delete(ids) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “用户删除失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “用户删除成功!”);
return ret;
/**
上传图片
@param photo
@param request
@return
*/
@RequestMapping(value=“/upload_photo”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> uploadPhoto(MultipartFile photo,HttpServletRequest request){
Map<String, String> ret = new HashMap<String, String>();
if(photo == null){
ret.put(“type”, “error”);
ret.put(“msg”, “选择要上传的文件!”);
return ret;
if(photo.getSize() > 102410241024){
ret.put(“type”, “error”);
ret.put(“msg”, “文件大小不能超过10M!”);
return ret;
//获取文件后缀
String suffix = photo.getOriginalFilename().substring(photo.getOriginalFilename().lastIndexOf(“.”)+1,photo.getOriginalFilename().length());
if(!“jpg,jpeg,gif,png”.toUpperCase().contains(suffix.toUpperCase())){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择jpg,jpeg,gif,png格式的图片!”);
return ret;
String savePath = request.getServletContext().getRealPath(“/”) + “/resources/upload/”;
File savePathFile = new File(savePath);
if(!savePathFile.exists()){
//若不存在改目录,则创建目录
savePathFile.mkdir();
String filename = new Date().getTime()+“.”+suffix;
try {
//将文件保存至指定目录
photo.transferTo(new File(savePath+filename));
}catch (Exception e) {
// TODO Auto-generated catch block
ret.put(“type”, “error”);
ret.put(“msg”, “保存文件异常!”);
e.printStackTrace();
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “用户删除成功!”);
ret.put(“filepath”,request.getServletContext().getContextPath() + “/resources/upload/” + filename );
return ret;
/**
判断该用户名是否存在
@param username
@param id
@return
*/
private boolean isExist(String username,Long id){
User user = userService.findByUsername(username);
if(user == null)return false;
if(user.getId().longValue() == id.longValue())return false;
return true;
系统操作类控制器:
/**
系统操作类控制器
@author yy
*/
@Controller
@RequestMapping(“/system”)
public class SystemController {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private AuthorityService authorityService;
@Autowired
private MenuService menuService;
@Autowired
private LogService logService;
/**
系统登录后的主页
@param model
@return
*/
@RequestMapping(value=“/index”,method=RequestMethod.GET)
public ModelAndView index(ModelAndView model,HttpServletRequest request){
List
model.addObject(“topMenuList”, MenuUtil.getAllTopMenu(userMenus));
model.addObject(“secondMenuList”, MenuUtil.getAllSecondMenu(userMenus));
model.setViewName(“system/index”);
return model;//WEB-INF/views/+system/index+.jsp = WEB-INF/views/system/index.jsp
/**
系统登录后的欢迎页
@param model
@return
*/
@RequestMapping(value=“/welcome”,method=RequestMethod.GET)
public ModelAndView welcome(ModelAndView model){
model.setViewName(“system/welcome”);
return model;
/**
系统500错误页面
@param model
@return
*/
@RequestMapping(value=“/operation_error”,method=RequestMethod.GET)
public ModelAndView operationError(ModelAndView model){
model.setViewName(“errors/500”);
return model;
/**
登陆页面
@param model
@return
*/
@RequestMapping(value=“/login”,method=RequestMethod.GET)
public ModelAndView login(ModelAndView model){
model.setViewName(“system/login”);
return model;
/**
登录表单提交处理控制器
@param user
@param cpacha
@return
*/
@RequestMapping(value=“/login”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> loginAct(User user,String cpacha,HttpServletRequest request){
Map<String, String> ret = new HashMap<String, String>();
if(user == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写用户信息!”);
return ret;
if(StringUtils.isEmpty(cpacha)){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写验证码!”);
return ret;
if(StringUtils.isEmpty(user.getUsername())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写用户名!”);
return ret;
if(StringUtils.isEmpty(user.getPassword())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写密码!”);
return ret;
Object loginCpacha = request.getSession().getAttribute(“loginCpacha”);
if(loginCpacha == null){
ret.put(“type”, “error”);
ret.put(“msg”, “会话超时,请刷新页面!”);
return ret;
if(!cpacha.toUpperCase().equals(loginCpacha.toString().toUpperCase())){
ret.put(“type”, “error”);
ret.put(“msg”, “验证码错误!”);
logService.add(“用户名为”+user.getUsername()+“的用户登录时输入验证码错误!”);
return ret;
User findByUsername = userService.findByUsername(user.getUsername());
if(findByUsername == null){
ret.put(“type”, “error”);
ret.put(“msg”, “该用户名不存在!”);
logService.add(“登录时,用户名为”+user.getUsername()+“的用户不存在!”);
return ret;
if(!user.getPassword().equals(findByUsername.getPassword())){
ret.put(“type”, “error”);
ret.put(“msg”, “密码错误!”);
logService.add(“用户名为”+user.getUsername()+“的用户登录时输入密码错误!”);
return ret;
//说明用户名密码及验证码都正确
//此时需要查询用户的角色权限
Role role = roleService.find(findByUsername.getRoleId());
List authorityList = authorityService.findListByRoleId(role.getId());//根据角色获取权限列表
String menuIds = “”;
for(Authority authority:authorityList){
menuIds += authority.getMenuId() + “,”;
if(!StringUtils.isEmpty(menuIds)){
menuIds = menuIds.substring(0,menuIds.length()-1);
List
//把角色信息、菜单信息放到session中
request.getSession().setAttribute(“admin”, findByUsername);
request.getSession().setAttribute(“role”, role);
request.getSession().setAttribute(“userMenus”, userMenus);
ret.put(“type”, “success”);
ret.put(“msg”, “登录成功!”);
logService.add(“用户名为{”+user.getUsername()+“},角色为{”+role.getName()+“}的用户登录成功!”);
return ret;
/**
后台退出注销功能
@param request
@return
*/
@RequestMapping(value=“/logout”,method=RequestMethod.GET)
public String logout(HttpServletRequest request){
HttpSession session = request.getSession();
session.setAttribute(“admin”, null);
session.setAttribute(“role”, null);
request.getSession().setAttribute(“userMenus”, null);
return “redirect:login”;
/**
修改密码页面
@param model
@return
*/
@RequestMapping(value=“/edit_password”,method=RequestMethod.GET)
public ModelAndView editPassword(ModelAndView model){
model.setViewName(“system/edit_password”);
return model;
@RequestMapping(value=“/edit_password”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> editPasswordAct(String newpassword,String oldpassword,HttpServletRequest request){
Map<String, String> ret = new HashMap<String, String>();
if(StringUtils.isEmpty(newpassword)){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写新密码!”);
return ret;
User user = (User)request.getSession().getAttribute(“admin”);
if(!user.getPassword().equals(oldpassword)){
ret.put(“type”, “error”);
ret.put(“msg”, “原密码错误!”);
return ret;
user.setPassword(newpassword);
if(userService.editPassword(user) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “密码修改失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “密码修改成功!”);
logService.add(“用户名为{”+user.getUsername()+“},的用户成功修改密码!”);
return ret;
/**
本系统所有的验证码均采用此方法
@param vcodeLen
@param width
@param height
@param cpachaType:用来区别验证码的类型,传入字符串
@param request
@param response
*/
@RequestMapping(value=“/get_cpacha”,method=RequestMethod.GET)
public void generateCpacha(
@RequestParam(name=“vl”,required=false,defaultValue=“4”) Integer vcodeLen,
@RequestParam(name=“w”,required=false,defaultValue=“100”) Integer width,
@RequestParam(name=“h”,required=false,defaultValue=“30”) Integer height,
@RequestParam(name=“type”,required=true,defaultValue=“loginCpacha”) String cpachaType,
HttpServletRequest request,
HttpServletResponse response){
CpachaUtil cpachaUtil = new CpachaUtil(vcodeLen, width, height);
String generatorVCode = cpachaUtil.generatorVCode();
request.getSession().setAttribute(cpachaType, generatorVCode);
BufferedImage generatorRotateVCodeImage = cpachaUtil.generatorRotateVCodeImage(generatorVCode, true);
try {
ImageIO.write(generatorRotateVCodeImage, “gif”, response.getOutputStream());
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
角色role控制器:
/**
角色role控制器
@author yy
*/
@RequestMapping(“/admin/role”)
@Controller
public class RoleController {
@Autowired
private RoleService roleService;
@Autowired
private AuthorityService authorityService;
@Autowired
private MenuService menuService;
/**
角色列表页面
@param model
@return
*/
@RequestMapping(value=“/list”,method=RequestMethod.GET)
public ModelAndView list(ModelAndView model){
model.setViewName(“/role/list”);
return model;
/**
获取角色列表
@param page
@param name
@return
*/
@RequestMapping(value=“/list”,method=RequestMethod.POST)
@ResponseBody
public Map<String, Object> getList(Page page,
@RequestParam(name=“name”,required=false,defaultValue=“”) String name
){
Map<String, Object> ret = new HashMap<String, Object>();
Map<String, Object> queryMap = new HashMap<String, Object>();
queryMap.put(“name”, name);
queryMap.put(“offset”, page.getOffset());
queryMap.put(“pageSize”, page.getRows());
ret.put(“rows”, roleService.findList(queryMap));
ret.put(“total”, roleService.getTotal(queryMap));
return ret;
/**
角色添加
@param role
@return
*/
@RequestMapping(value=“/add”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> add(Role role){
Map<String, String> ret = new HashMap<String, String>();
if(role == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写正确的角色信息!”);
return ret;
if(StringUtils.isEmpty(role.getName())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写角色名称!”);
return ret;
if(roleService.add(role) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “角色添加失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “角色添加成功!”);
return ret;
/**
角色修改
@param role
@return
*/
@RequestMapping(value=“/edit”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> edit(Role role){
Map<String, String> ret = new HashMap<String, String>();
if(role == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写正确的角色信息!”);
return ret;
if(StringUtils.isEmpty(role.getName())){
ret.put(“type”, “error”);
ret.put(“msg”, “请填写角色名称!”);
return ret;
if(roleService.edit(role) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “角色修改失败,请联系管理员!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “角色修改成功!”);
return ret;
/**
删除角色信息
@param id
@return
*/
@RequestMapping(value=“/delete”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> delete(Long id){
Map<String, String> ret = new HashMap<String, String>();
if(id == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择要删除的角色!”);
return ret;
try {
if(roleService.delete(id) <= 0){
ret.put(“type”, “error”);
ret.put(“msg”, “删除失败,请联系管理员!”);
return ret;
} catch (Exception e) {
// TODO: handle exception
ret.put(“type”, “error”);
ret.put(“msg”, “该角色下存在权限或者用户信息,不能删除!”);
return ret;
ret.put(“type”, “success”);
ret.put(“msg”, “角色删除成功!”);
return ret;
/**
获取所有的菜单信息
@return
*/
@RequestMapping(value=“/get_all_menu”,method=RequestMethod.POST)
@ResponseBody
public List
Map<String, Object> queryMap = new HashMap<String, Object>();
queryMap.put(“offset”, 0);
queryMap.put(“pageSize”, 99999);
return menuService.findList(queryMap);
/**
添加权限
@param ids
@return
*/
@RequestMapping(value=“/add_authority”,method=RequestMethod.POST)
@ResponseBody
public Map<String, String> addAuthority(
@RequestParam(name=“ids”,required=true) String ids,
@RequestParam(name=“roleId”,required=true) Long roleId
){
Map<String,String> ret = new HashMap<String, String>();
if(StringUtils.isEmpty(ids)){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择相应的权限!”);
return ret;
if(roleId == null){
ret.put(“type”, “error”);
ret.put(“msg”, “请选择相应的角色!”);
return ret;
if(ids.contains(“,”)){
ids = ids.substring(0,ids.length()-1);
String[] idArr = ids.split(“,”);
if(idArr.length > 0){
authorityService.deleteByRoleId(roleId);
for(String id:idArr){
Authority authority = new Authority();
authority.setMenuId(Long.valueOf(id));
authority.setRoleId(roleId);
authorityService.add(authority);
ret.put(“type”, “success”);
ret.put(“msg”, “权限编辑成功!”);
return ret;
/**
获取某个角色的所有权限
@param roleId
@return
*/
@RequestMapping(value=“/get_role_authority”,method=RequestMethod.POST)
@ResponseBody
public List getRoleAuthority(
@RequestParam(name=“roleId”,required=true) Long roleId
){
return authorityService.findListByRoleId(roleId);
